This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-3508.NASLDebian DLA-3508-1 : linux - LTS security update
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
80.4%
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3508 advisory.
-
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service. (CVE-2023-1380)
-
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. (CVE-2023-2002)
-
The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel.
(CVE-2023-2007) -
An issue in Zen 2 CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. (CVE-2023-20593)
-
A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub- component. (CVE-2023-2269)
-
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled. We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e. (CVE-2023-3090)
-
An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process. (CVE-2023-31084)
-
A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag(). (CVE-2023-3111)
-
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. (CVE-2023-3141)
-
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. (CVE-2023-32233)
-
An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information. (CVE-2023-3268)
-
A null pointer dereference flaw was found in the Linux kernel’s DECnet networking protocol. This issue could allow a remote user to crash the system. (CVE-2023-3338)
-
DISPUTED An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated When modifying the block device while it is mounted by the filesystem access.
(CVE-2023-34256) -
An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7.
It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets.
This may result in denial of service or privilege escalation. (CVE-2023-35788) -
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c. (CVE-2023-35823)
-
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c. (CVE-2023-35824)
-
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c. (CVE-2023-35828)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
#
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dla-3508. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('compat.inc');
if (description)
{
script_id(178958);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/27");
script_cve_id(
"CVE-2023-1380",
"CVE-2023-2002",
"CVE-2023-2007",
"CVE-2023-2269",
"CVE-2023-3090",
"CVE-2023-3111",
"CVE-2023-3141",
"CVE-2023-3268",
"CVE-2023-3338",
"CVE-2023-20593",
"CVE-2023-31084",
"CVE-2023-32233",
"CVE-2023-34256",
"CVE-2023-35788",
"CVE-2023-35823",
"CVE-2023-35824",
"CVE-2023-35828"
);
script_name(english:"Debian DLA-3508-1 : linux - LTS security update");
script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing one or more security-related updates.");
script_set_attribute(attribute:"description", value:
"The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the
dla-3508 advisory.
- A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur
when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading
to a denial of service. (CVE-2023-1380)
- A vulnerability was found in the HCI sockets implementation due to a missing capability check in
net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of
management commands, compromising the confidentiality, integrity, and availability of Bluetooth
communication. (CVE-2023-2002)
- The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper
locking when performing operations on an object. An attacker can leverage this in conjunction with other
vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel.
(CVE-2023-2007)
- An issue in Zen 2 CPUs, under specific microarchitectural circumstances, may allow an attacker to
potentially access sensitive information. (CVE-2023-20593)
- A denial of service problem was found, due to a possible recursive locking scenario, resulting in a
deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-
component. (CVE-2023-2269)
- A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to
achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in
the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled. We recommend
upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e. (CVE-2023-3090)
- An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a
blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is
called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event,
down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and
down(&fepriv->sem) may block the process. (CVE-2023-31084)
- A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the
Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling
btrfs_ioctl_defrag(). (CVE-2023-3111)
- A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the
Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading
to a kernel information leak. (CVE-2023-3141)
- In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests
can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users
can obtain root privileges. This occurs because anonymous sets are mishandled. (CVE-2023-32233)
- An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in
kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel
internal information. (CVE-2023-3268)
- A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue
could allow a remote user to crash the system. (CVE-2023-3338)
- ** DISPUTED ** An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in
crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check
an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against
attackers with the stated When modifying the block device while it is mounted by the filesystem access.
(CVE-2023-34256)
- An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7.
It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets.
This may result in denial of service or privilege escalation. (CVE-2023-35788)
- An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in
drivers/media/pci/saa7134/saa7134-core.c. (CVE-2023-35823)
- An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in
drivers/media/pci/dm1105/dm1105.c. (CVE-2023-35824)
- An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in
renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c. (CVE-2023-35828)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/linux");
script_set_attribute(attribute:"see_also", value:"https://www.debian.org/lts/security/2023/dla-3508");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-1380");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-2002");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-2007");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-20593");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-2269");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-3090");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-31084");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-3111");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-3141");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-32233");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-3268");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-3338");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-34256");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35788");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35823");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35824");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35828");
script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/buster/linux");
script_set_attribute(attribute:"solution", value:
"Upgrade the linux packages.
For Debian 10 buster, these problems have been fixed in version 4.19.289-1.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-35788");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/03/27");
script_set_attribute(attribute:"patch_publication_date", value:"2023/07/27");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/07/28");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:hyperv-daemons");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libbpf-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libbpf4.19");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libcpupower-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libcpupower1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-8-arm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-8-x86");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-config-4.19");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-cpupower");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-doc-4.19");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-686");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-686-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-amd64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-arm64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-armhf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-i386");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-amd64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-arm64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-armmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-armmp-lpae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-cloud-amd64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-common-rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rt-686-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rt-amd64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rt-arm64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rt-armmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-686-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-686-pae-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-686-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-686");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-amd64-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-amd64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-arm64-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-arm64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-armmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-armmp-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-armmp-lpae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-armmp-lpae-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-cloud-amd64-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-cloud-amd64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-686-pae-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-686-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-amd64-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-amd64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-arm64-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-arm64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-armmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-armmp-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-amd64-signed-template");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-arm64-signed-template");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-i386-signed-template");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-kbuild-4.19");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-libc-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-perf-4.19");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-source-4.19");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-support-4.19.0-19");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:usbip");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Debian Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
var debian_release = get_kb_item('Host/Debian/release');
if ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');
debian_release = chomp(debian_release);
if (! preg(pattern:"^(10)\.[0-9]+", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);
var pkgs = [
{'release': '10.0', 'prefix': 'hyperv-daemons', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'libbpf-dev', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'libbpf4.19', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'libcpupower-dev', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'libcpupower1', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-compiler-gcc-8-arm', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-compiler-gcc-8-x86', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-config-4.19', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-cpupower', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-doc-4.19', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-686', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-686-pae', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-amd64', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-arm64', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-armhf', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-i386', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-amd64', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-arm64', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-armmp', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-armmp-lpae', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-cloud-amd64', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-common', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-common-rt', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-rt-686-pae', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-rt-amd64', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-rt-arm64', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-rt-armmp', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-686-dbg', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-686-pae-dbg', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-686-pae', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-686', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-amd64-dbg', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-amd64', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-arm64-dbg', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-arm64', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-armmp', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-armmp-dbg', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-armmp-lpae', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-armmp-lpae-dbg', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-cloud-amd64-dbg', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-cloud-amd64', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-686-pae-dbg', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-686-pae', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-amd64-dbg', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-amd64', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-arm64-dbg', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-arm64', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-armmp', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-armmp-dbg', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-amd64-signed-template', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-arm64-signed-template', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-image-i386-signed-template', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-kbuild-4.19', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-libc-dev', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-perf-4.19', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-source-4.19', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'linux-support-4.19.0-19', 'reference': '4.19.289-1'},
{'release': '10.0', 'prefix': 'usbip', 'reference': '4.19.289-1'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var _release = NULL;
var prefix = NULL;
var reference = NULL;
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (_release && prefix && reference) {
if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : deb_report_get()
);
exit(0);
}
else
{
var tested = deb_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'hyperv-daemons / libbpf-dev / libbpf4.19 / libcpupower-dev / etc');
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1380
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2002
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2007
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20593
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2269
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3090
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31084
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3111
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3141
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32233
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3268
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3338
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34256
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35788
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35823
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35824
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35828
packages.debian.org/source/buster/linux
security-tracker.debian.org/tracker/CVE-2023-1380
security-tracker.debian.org/tracker/CVE-2023-2002
security-tracker.debian.org/tracker/CVE-2023-2007
security-tracker.debian.org/tracker/CVE-2023-20593
security-tracker.debian.org/tracker/CVE-2023-2269
security-tracker.debian.org/tracker/CVE-2023-3090
security-tracker.debian.org/tracker/CVE-2023-31084
security-tracker.debian.org/tracker/CVE-2023-3111
security-tracker.debian.org/tracker/CVE-2023-3141
security-tracker.debian.org/tracker/CVE-2023-32233
security-tracker.debian.org/tracker/CVE-2023-3268
security-tracker.debian.org/tracker/CVE-2023-3338
security-tracker.debian.org/tracker/CVE-2023-34256
security-tracker.debian.org/tracker/CVE-2023-35788
security-tracker.debian.org/tracker/CVE-2023-35823
security-tracker.debian.org/tracker/CVE-2023-35824
security-tracker.debian.org/tracker/CVE-2023-35828
security-tracker.debian.org/tracker/source-package/linux
www.debian.org/lts/security/2023/dla-3508
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
80.4%